February 16, 2018
Our IoT devices can increase both the quality of our personal lives and the effectiveness of our professional ones. Simply put, internet of things connects physical devices to the internet. With rapid innovation and competition in the IoT space, new products are pushed to market seemingly every day. As we increase our connections to the internet, we also must consider our vulnerabilities. With cyberattacks crippling some of the largest, most venerable global companies, we need to secure our IoT networks.
A recent Network World article outlines some tips for businesses to secure their IoT networks. Despite the ubiquity of IoT devices, the truth is the industry is relatively nascent. This is exciting from an innovation perspective but also sheds light on how little we know about IoT vulnerabilities.
Know your IT Responsibilities
The first step the article suggests is to assess and understand your IT security responsibilities. With increasing complexity and global scale of business networks, it is getting harder to understand what is exactly on your network, what is currently being used and what is possibly at risk.
Going about identifying the knowns and unknowns of your IoT network can feel like a massive undertaking. Network World suggests taking the Petagon’s approach to war planning. Start thinking about your network in terms of known knowns, known unknowns, and unknown unknowns.
The “known knowns” are highly visible. These are typically your computers, servers, phones and printers. With the introduction of more unique IoT devices, these may include smart speakers, health monitors, shipment trackers and RF devices. When working with your known knowns, it is imperative to constantly question features that can compromise security. Make sure management is structured so that individuals clearly oversee the IT security of those devices.
Devices less frequently scrutinized are what Network World calls peripheral devices such as printers. These devices often contain their own internet access and hotspots. If these hotspots are enabled, make sure this device is monitored with others in the network. Understand what data is stored on them if any. In addition, make sure the company maintains strong network policies for all hardware devices especially employee laptops and phones.
Know your Unknowns
The category of unknowns continues to grow for most companies. As networks get larger and more robust, the unknown connections become. An estimated 40% of devices are connected to the internet. Network World suggests looking at devices such as TVs, security cameras, USB devices and Bluetooth devices. Additionally, any consumer IoT devices brought into your business may also create room for security breaches. Any unknowns discovered should immediately be added to IT management.
Discovering the unknowns is not an easy task. Luckily, companies such as Attunix can help identify some of these unknown IoT connections and the vulnerabilities they create. Once the unknowns are identified, the security work begins. The next step in securing your IoT network is to assess the security level of each device including access, operating systems and network activity.